Re: Help in implementing a PKI/Smart Card Infrastrucutre
From: S. Pidgorny
Date: 03/12/05
- Previous message: Steven L Umbach: "Re: A/D Permissions"
- In reply to: Edward W. Ray: "Help in implementing a PKI/Smart Card Infrastrucutre"
- Next in thread: Michael Ströder: "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
- Reply: Michael Ströder: "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 13 Mar 2005 01:43:46 +1100
So your problem is actually buying the hardware (smart cards) and the
software (Windows CSP)? Yes, vendors are still more enterprise-focused and I
fing it surprising that small businesses who are in much better position to
have better logon security with smart cards aren't doing it.
I found that Aladdin (vendors of eToken cards and USB tokens,
FIPS-certified - http://www.aladdin.com) are quite good - you can easily buy
the hardware from the local distributors, and the CSP is a free download
from their Web site.
There are numeous online shops that you can try.
-- Svyatoslav Pidgorny, MS MVP - Security, MCSE -= F1 is the key =- "Edward W. Ray" <edward_ray@hotmail.com> wrote in message news:u24M#yqJFHA.916@TK2MSFTNGP10.phx.gbl... > Ladies and Gentlemen: > > I need help in getting ANYONE to talk to me about implementing Smart > Card/PKI in my small business. From reading "Windows Server 2003 PKI and > Certificate Security" by Brian Komar and > "Windows Server 2003 Security Infrastructures" by Jan De Clerq, I know PKI > and how it is implemented in Windows 2003/XP Active Directory pretty well. > I have already implemented a two tier CA infrastructure using Windows 2003 > Enterprise Servers. I only use Enterprise Servers in my small business > because Small Business Server and Standard Server have a crippled PKI. I > run a Windows 2003 native AD domain with Windows 2003, Windows XP and Linux > machines. I use certificates for e-mail and IPSec authentication on my > LAN/WAN. > > I would like to expand my PKI to include smart card logon. I have already > decided on the hardware choices; FIPS 140 Level 3 compliant hardware is > preferred. My challenge is getting anyone from GemPlus, Rainbow > Technologies, etc to talk to anyone of my size. I have tried calling > vendors such as GemPlus and Rainbow Technologies, but get no response. My > impression is unless I am a Fortune 500 company with tens of millions of > dollars to spend, Smart Card/PKI vendors will not give me the time of day. > > Even Bill Gates has stated that passwords are a failed policy and two-factor > authentication is really the way to go. I know Microsoft has implemented > smart cards in their infrastructure. It would be a great help to small > businesses like mine for Microsoft to share/help/facilitate the > implementation of Smart Cards/PKI for small businesses. As this is a > security issue, it would appear to be a win-win for all parties involved. > > If anyone, MS or non-MS, can help guide me to people who can help my small > business purchase the hardware I need to implement smart cards, it would be > greatly appreciated. For MS folks that may frequent this news thread, I > will be attending a Microsoft .NET three day seminar in Santa Monica March > 14-16. If anyone from MS can contact me at this event to help, it would be > much appreciated. > > Regards, > > Edward W. Ray > CISSP, MCSE 2003+Security, P.E., GCIA, GCIH > President, MMICMAN LLC > ewray at mmicman dot com > (714) 926-4514 > >
- Previous message: Steven L Umbach: "Re: A/D Permissions"
- In reply to: Edward W. Ray: "Help in implementing a PKI/Smart Card Infrastrucutre"
- Next in thread: Michael Ströder: "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
- Reply: Michael Ströder: "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
